Hi CG - 

It looks as if you've taken the right step to disable the create account and password reset links.  We'd expect selfServiceLinksEnabled to have the documented effect (determines if users are allowed to sign up or reset their passwords via the UI) and aren't aware of open issues with its function.  Keep in mind that this value isn't global as it can be set for each individual identity zone.  If you think you've found a bug/issue, I'd encourage you to open a github issue supplying content that will allow the team to recreate the situation.

As for suppressing just one of the two self service links, that feature isn't offered.  Currently, enablement or disablement occurs jointly.  If it's of any value, you do have the option to set the destination http link for the 'create an acct' experience using config.links.selfService.signup .  I've seen implementations wherein this link takes users to a joint self service page with the information they need to either create an account or reset their password.

Regards,

Dan Beneke